Re: NTP and how to set it up

denis.roy · ‎10-15-2002

How would you setup NTP on a 3640 router; so it could recieve time and sync with the local network?

steve.barlow · ‎10-15-2002

Set your time and timezone and clock summer-time first then enter: ntp server 10.10.10.1 (where 10.10.10.1 is your ntp server/master).

Verify with show ntp association and show ntp status.

You can set it up for authentication as well:

ntp authenticate

ntp authentication-key 1 md5 xxxxx

ntp trusted-key 1

ntp access-group serve-only 1

ntp source loopback0 (to match the acl)

access-list 1 ....

A link with the basics: http://www.cisco.com/en/US/tech/tk648/tk362/technologies_q_and_a_item09186a0080093f16.shtml

Steve

denis.roy · ‎10-15-2002

I configured the router to be able to put the time off a stratus 2 server, but I don't seem to be able to pull time of the router. What commands, access is nedded to make the router a time server?

MTL_GW1#show ntp status

Clock is synchronized, stratum 2, reference is 128.9.176.30

nominal freq is 250.0000 Hz, actual freq is 249.9994 Hz, precision is 2**24

reference time is C156C8BE.C0C71790 (13:02:54.753 edt Tue Oct 15 2002)

clock offset is 21.0616 msec, root delay is 141.43 msec

root dispersion is 49.87 msec, peer dispersion is 28.81 msec

MTL_GW1#show ntp association

address ref clock st when poll reach delay offset disp

*~128.9.176.30 .GPS. 1 168 1024 377 141.4 21.06 15.9

+~199.212.17.35 142.135.6.200 2 356 1024 377 31.7 3.86 19.5

* master (synced), # master (unsynced), + selected, - candidate, ~ configured

steve.barlow · ‎10-15-2002

If you want the router to be a time source for others set it as master: ntp master.

ntp master- allow others to synch with you

ntp server- allow you to synch with that server

ntp peer- allow local router to synch with the peer, or vice versa

Steve

ggersch · ‎10-16-2002

No, thats not quite right. As soon as you enter a valid 'ntp server' or 'ntp peer' command, the ntp process starts on the router, and is available for other devices to sync against.

Be careful with the 'ntp master' command. Its intended to let your router maintain a valid stratum level if you do not have ntp servers to sync against, or if you lose them temporarily. Its not a necessary command for your router to serve ntp to other devices.

The 'ntp peer' command is to sync with an ntp source at the same stratum level, and is usually set on both devices for bi-directional syncing. Usually you would have 2-3 internal ntp servers set up as peers, and those peers would each be synced to 2-4 unique outside stratum 2 servers. All internal devices would sync to two members of this peer group.

See the ntp commands in :

http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/fun_r/frprt3/frd3003.htm

It looks from the output of your 'sho ntp assoc' that you are syncing to two outside servers, although you've synced to the stratum 1 device. So your router is set up correctly.

What are you trying to sync to the router? What is the output of their status, assoc, and peers commands?

Use the 'ntptrace' and 'ntpq' diagnostic programs from the xntpd daemons to check your router. These commands are included in most unix distributions. You can get the latest NT versions at: http://www.five-ten-sg.com/ Look for the 'NTP 4.1.71' link bottom left.

Greg